[HECnet] 108.31.82.9/QCOCAL
Brian Schenkenberger, VAXman-
system at TMESIS.COM
Wed Jun 22 07:31:54 PDT 2016
Jordi Guillaumes i Pons <jg at jordi.guillaumes.name> writes:
>
>> El 20 juny 2016, a les 20:14, Brian Schenkenberger, VAXman- =
><system at TMESIS.COM> va escriure:
>>=20
>> 108.31.82.9.
>
>Uh, I=E2=80=99d bet the simulated 3900 is not the real origin of the =
>attack you are getting. It is probably behind a home DSL/cable router, =
>whith port 23 redirected to the 3900=E2=80=99, which has probably a =
>private IP address masqueraded using NAT=E2=80=A6 So probably the node =
>owner has been hacked and zombified, regadrless of he having a pet 3900 =
>open to the net.
That may very well be true too. I have found many attack vectors over the years that
have originated from home routers. Several home routers have known/identified/easily
exploitable weaknesses. Regardless, I will check to see if this IP address continues
to aggrieve me now that it's been reported that FTP is no longer possible from the VMS
instance.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
I speak to machines with the voice of humanity.
More information about the Hecnet-list
mailing list